http://www.nytimes.com/2003/07/07/technology/07BLOW.html?pagewanted=1&th<SNIP>
By JOHN MARKOFF
itting at his laptop computer in a hotel near Toronto one day last October, Gregory Gabrenya was alarmed by what he discovered in the sales-support database of his new employer, Platform Software: the names of more than 30 employees of the United States National Security Agency.
The security agency, one of many federal supercomputer users that rely on Platform's software, typically keeps the identities of its employees under tight wraps. Mr. Gabrenya, who had just joined Platform as a salesman, found the names on a list of potential customer contacts for Platform's sales team. The discovery crystallized his growing concern that the company was perhaps too lax about the national security needs of its United States government customers, in the military, intelligence and research.
"Anyone who had an account on the system could see this list," Mr. Gabrenya recalled in a recent interview. "They shouldn't be seeing this information and I shouldn't be seeing it."
What really worried him, Mr. Gabrenya said, was that Platform, although based in Markham, Ontario, maintains a software maintenance and testing operation in Beijing — which he was not sure the company had made clear enough to its American government customers.
<SNIP>
"Software is so goofy because there is so many lines of code that hiding Trojans inside the system is the easiest thing in the world to do," said Keith A. Rhodes, the chief technologist of the General Accounting Office. "Setting aside national security, we're also talking about a tremendous advantage you give to your national competitors."
<SNIP>
Executives at Platform Software dispute Mr. Gabrenya's charges, saying the company has stringent rules in place to separate its foreign operations from its domestic software development process and computer systems. The company says that none of its software for customers in the American government is developed in China and that it has carefully informed those customers about its test and maintenance organization in China.
-MORE-
This is just one of the dumbest things I've read in a long time. We don't have enough intelligent, talented programmers here in the U.S. so we have to subcontract to China. And the government is the end user. Smart, really smart.